protected function btnLogin_Click($strFormId, $strControlId, $strParameter)
{
if ($_SERVER['REMOTE_ADDR'] != "127.0.0.1" && substr($_SERVER['REMOTE_ADDR'], 0, 8) != "192.168.") {
$ip_array = json_decode(file_get_contents("http://192.168.1.168:8888/eBayBO/service.php?action=getClientIp"));
//file_put_contents("/tmp/xx.log", print_r($ip_array, true));
if (!in_array($_SERVER['REMOTE_ADDR'], $ip_array)) {
$blnError = true;
$this->txtUsername->Warning = QApplication::Translate('Invalid username or password.');
return 0;
}
}
$blnError = false;
$strUsername = $this->txtUsername->Text;
$strPassword = $this->txtPassword->Text;
$objUserAccount = UserAccount::LoadByUsername($strUsername);
$errorMessage = QApplication::Translate('Invalid username or password.');
// Check if that username exists
if (!$objUserAccount) {
$blnError = true;
$this->txtUsername->Warning = $errorMessage;
} elseif (!$objUserAccount->ActiveFlag) {
$blnError = true;
$this->txtUsername->Warning = $errorMessage;
} elseif (sha1($strPassword) != $objUserAccount->PasswordHash) {
$blnError = true;
$this->txtPassword->Warning = $errorMessage;
} else {
QApplication::Login($objUserAccount);
// If the user has access to the assets module, send them there. Otherwise, send them to the home module.
$objRoleModule = RoleModule::LoadByRoleIdModuleId($objUserAccount->RoleId, 2);
if ($objRoleModule->AccessFlag) {
QApplication::Redirect('./inventory/');
} else {
Qapplication::Redirect('./home/');
}
}
}
protected function btnLogin_Click($strFormId, $strControlId, $strParameter)
{
$blnError = false;
$strUsername = $this->txtUsername->Text;
$strPassword = $this->txtPassword->Text;
$objUserAccount = UserAccount::LoadByUsername($strUsername);
$errorMessage = 'Invalid username or password.';
$objHasher = new PasswordHash(8, PORTABLE_PASSWORDS);
// Check if that username exists
if (!$objUserAccount) {
$blnError = true;
$this->txtPassword->Warning = $errorMessage;
} elseif (!$objUserAccount->ActiveFlag) {
$blnError = true;
$this->txtPassword->Warning = $errorMessage;
} elseif (!$objHasher->CheckPassword(sha1($strPassword), $objUserAccount->PasswordHash)) {
$blnError = true;
$this->txtPassword->Warning = $errorMessage;
} else {
QApplication::Login($objUserAccount);
$objAssetRoleModule = RoleModule::LoadByRoleIdModuleId($objUserAccount->RoleId, 2);
$objInventoryRoleModule = RoleModule::LoadByRoleIdModuleId($objUserAccount->RoleId, 3);
$objContactsRoleModule = RoleModule::LoadByRoleIdModuleId($objUserAccount->RoleId, 4);
$objShippingRoleModule = RoleModule::LoadByRoleIdModuleId($objUserAccount->RoleId, 5);
$objReceivingRoleModule = RoleModule::LoadByRoleIdModuleId($objUserAccount->RoleId, 6);
$objReportsRoleModule = RoleModule::LoadByRoleIdModuleId($objUserAccount->RoleId, 7);
if (array_key_exists('strReferer', $_GET)) {
QApplication::Redirect($_GET['strReferer']);
} else {
if ($objAssetRoleModule->AccessFlag) {
// If the user has access to the assets module, send them there, otherwise...
QApplication::Redirect('./assets/');
} else {
if ($objInventoryRoleModule->AccessFlag) {
Qapplication::Redirect('./inventory/');
} else {
if ($objContactsRoleModule->AccessFlag) {
Qapplication::Redirect('./contacts/');
} else {
if ($objShippingRoleModule->AccessFlag) {
Qapplication::Redirect('./shipping/');
} else {
if ($objReceivingRoleModule->AccessFlag) {
Qapplication::Redirect('./receiving/');
} else {
if ($objReportsRoleModule->AccessFlag) {
Qapplication::Redirect('./reports/');
}
}
}
}
}
}
}
}
}